Michael Tremer [Thu, 12 Nov 2015 00:25:50 +0000 (00:25 +0000)]
dma: New package
Fixes #10953
Fixes #10954
The dma-queue-flush.timer will execute the corresponding service
file every hour to call dma and send out all mails. The
dma-cleanup-spool.timer is used to periodly call the service
file for cleaning up the DMA spooler directory.
Both timer files will be enabled during installation of the dma package.
Fixes #10955
This dma-cleanup-spool script cleans up the spool directory from
DMA mail service after defined period of time. Otherwise the spool
dir may be flooded.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Stefan Schantl [Mon, 26 Oct 2015 09:48:54 +0000 (10:48 +0100)]
python-lxml: New package
lxml provides a Python binding to the libxslt and libxml2 libraries.
It follows the ElementTree API as much as possible in order to provide
a more Pythonic interface to libxml2 and libxslt than the default
bindings. Build dependency for systemd python bindings.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Sat, 17 Oct 2015 23:51:35 +0000 (01:51 +0200)]
bison: Update to 3.0.4.
This is a major update to the latest stable version of bison.
A short excerpt of the changelog:
Several deprecated features were removed, such as support for YYFAIL, yystype,
yyltype, YYLEX_PARAM, and YYPARSE_PARAM. The user epilogue is no longer affected
by internal #defines. The recently-introduced dependency on stdio.h when
locations are enabled was removed. Caret errors, as introduced in 2.7, are now
activated by default. The "-Werror" option was enhanced, and categorization of
warnings and errors was modified. Many other changes and various bugfixes were
made.
I also added flex as a build dependency to prevent from errors when running
the testsuite.
Fixes #10403.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Sat, 17 Oct 2015 22:40:34 +0000 (00:40 +0200)]
automake: Add non detected dependencies of perl modules
automake has non detected dependencies to perl(threads) and
perl(Thread::Queue).
After updating perl to version 5.20 those modules have been
moved into own sub-packages which are not installed because
these dependencies are not correctly detected and tracked in
the automake package.
Manually adding them will solve this problem and provides
a working version of automake again.
The whole problem also has been filed on the RH bugtracker:
https://bugzilla.redhat.com/show_bug.cgi?id=919810
Fixes #10944.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Fri, 16 Oct 2015 21:20:04 +0000 (23:20 +0200)]
strongswan: Update to 5.3.3
This is a minor update to the latest stable version of strongswan.
The support and usage of systemd explicitly has been enabled and
the dependency to systemd has been updated because the configure script
of strongswan is looking for the systemd compat libraries which are provided
by systemd 221-2 and later versions.
There was the requirement to move some libraries to %{libdir} because
of a hard-coded RPATH, which is against our release policy.
Fixes #10896.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 16 Oct 2015 20:46:33 +0000 (21:46 +0100)]
openvpn: Drop package
The IPFire Developer Summit decided to drop OpenVPN support
from IPFire 3 since it has many issues that don't seem to get
solved in the near future and nobody volunteered to maintain
this package.
Development is focussing on IPsec for now and OpenVPN may
come back later when resources have been freed or there
is enough demand (including volunteers to work on it).
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Fri, 9 Oct 2015 18:00:36 +0000 (20:00 +0200)]
xorg-x11-util-macros: Update to 0.19.0.
This is an update to the latest version of the
xorg-x11-util-macros which are required by various
X11 tools and wayland.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Timo Eissler <timo.eissler@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Fri, 9 Oct 2015 17:57:33 +0000 (19:57 +0200)]
xcb-proto: Update to 1.11.
This is an update to the latest stable release to the xcb
development headers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
reviewed-by: Timo Eissler <timo.eissler@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Fri, 9 Oct 2015 17:05:57 +0000 (19:05 +0200)]
icu: Update to version 56.1.
This is an update to the latest stable release.
As a benefit of this, the brocken tests also are fixed.
Fixes #10789
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
reviewed-by: Timo Eissler <timo.eissler@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Thu, 10 Sep 2015 17:33:40 +0000 (19:33 +0200)]
systemd: Update to 221.
This is an update to the latest stable version of systemd. I also fixed
some problems with a non existing user group (systemd-journal) which have triggered
error messages to the journal in the past.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 11 Aug 2015 19:20:40 +0000 (20:20 +0100)]
ipfire-release: Enable unstable repository by default
When mastering new images we enable the unstable repository
for testing releases manually. This patch changes this to
be the default behaviour for the time as there is no
release of IPFire 3.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Sun, 9 Aug 2015 18:35:57 +0000 (20:35 +0200)]
ddns: Update to 008.
Update to the latest version of ddns - including a lot of upstream patches,
with various improvements and new providers, systemd support and generate the manpages.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 3 Aug 2015 14:59:51 +0000 (15:59 +0100)]
lighttpd: Drop package
lighttpd was originally used to run the IPFire web infrastructure
and also inteded to be used to host the web user interface in
IPFire. It was chosen because of its lightweight design and
small footprint.
However, development of lighttpd has stalled since a long time
and it does not support all the major web technologies any more.
Hence it is now removed from the distribution in favor of other
alternatives.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 3 Aug 2015 14:54:32 +0000 (15:54 +0100)]
db4: Remove package
Recently all packages that depend on the berkeley database
have been moved to the libdb package (db >= 5). All packages
that are compiled against db4 in any version can pull in
the compat-db package now which comes with older versions
of the library.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 3 Aug 2015 14:51:40 +0000 (15:51 +0100)]
kernel: Remove code to disable icecream
The kernel could not be compiled with icecream because of
the GCC plugins that were used. icecream has now been
removed from the distribution and there is no need to
keep this line in any more.
No rebuild needed.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 9 Jul 2015 19:59:34 +0000 (21:59 +0200)]
openssl: Update to 1.0.2d (CVE-2015-1793)
Alternative chains certificate forgery (CVE-2015-1793)
======================================================
Severity: High
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.
This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
http://openssl.org/news/secadv_20150709.txt
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>